To avoid SSL Certicate Error if the nonAuth Guest will be redirected to portal page (which reside on EWC) we use a public certificate.
This is a wildcard certificate to customers domain - let say *.example.com

So i have to redirect NOT to IP (which is default) i have redirect to FQDN portal.example.com

Works fine if the DNS entry answers the IP of EWC1 =192.168.44.5.

But what about EWC redundancy and the 2 different IP in this EWC Topology ??

What happens if EWC1 fails and EWC2 which have IP 192.168.44.6 runs the portal - DNS answers 192.168.44.5 - so portal fails!

What is the solution ?

First idea was to configure portal1.example.com on EWC1 and portal2.example.com on EWC2 but the above screen was configured at WLAN Service level - so this will be at once replicated to other EWC - only one common value is configureable.

Second idea is to make two DNS Entries portal.example.com = 192.168.44.5, portal.example.com = 192.168.44.6.
But how does this work if both EWC are working. I fear this was not considered by design and will not work correctly.

4 replies

Turn off sync of the WLAN service then you are able to configure different values.... downside is that you'd need to do future changes for this WLAN service on both EWCs which isn't a big deal from my experience as you don't make changes that often after the installation.

Turn off sync of the WLAN service then you are able to configure different values.... downside is that you'd need to do future changes for this WLAN service on both EWCs which isn't a big deal from my experience as you don't make changes that often after the installation.

Turn off sync of the WLAN service then you are able to configure different values.... downside is that you'd need to do future changes for this WLAN service on both EWCs which isn't a big deal from my experience as you don't make changes that often after the installation.

if you add two A-Records for one IP normally a DNS server will answer alternately with both ip addresses (sometimes used for a simple loadbalanceing), only one at the same time. In a normal system state this should work.

But in case of one controller is down a guest can receive the ip of the down controller and the access won't work if the client did no second DNS request.

Cookie policy

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.